Merge pull request #84 from CoolerMinecraft/release

Release

Author: dev-banane

server/db/flightLogs.ts

@@ -1,5 +1,5 @@
 import { mainDb } from "./connection.js";
-import { encrypt, decrypt } from "../utils/encryption.js"; // Assuming decrypt function exists
+import { encrypt, decrypt } from "../utils/encryption.js";
 import { sql } from "kysely";
 
 export interface FlightLogData {
@@ -44,7 +44,6 @@ export async function logFlightAction(logData: FlightLogData) {
       .execute();
   } catch (error) {
     console.error('Error logging flight action:', error);
-    // Non-blocking: don't throw, just log
   }
 }
 
@@ -67,7 +66,6 @@ let cleanupInterval: NodeJS.Timeout | null = null;
 export function startFlightLogsCleanup() {
   const CLEANUP_INTERVAL = 24 * 60 * 60 * 1000; // Daily
 
-  // Initial cleanup after 1 minute
   setTimeout(async () => {
     try {
       await cleanupOldFlightLogs(30);
@@ -76,7 +74,6 @@ export function startFlightLogsCleanup() {
     }
   }, 60 * 1000);
 
-  // Recurring cleanup
   cleanupInterval = setInterval(async () => {
     try {
       await cleanupOldFlightLogs(30);
@@ -94,12 +91,12 @@ export function stopFlightLogsCleanup() {
 }
 
 export interface FlightLogFilters {
+  general?: string;
   user?: string;
   action?: 'add' | 'update' | 'delete';
   session?: string;
   flightId?: string;
-  dateFrom?: string;
-  dateTo?: string;
+  date?: string;
   text?: string;
 }
 
@@ -116,6 +113,20 @@ export async function getFlightLogs(
       .limit(limit)
       .offset((page - 1) * limit);
 
+    if (filters.general) {
+      const searchPattern = `%${filters.general}%`;
+      query = query.where((eb) =>
+        eb.or([
+          eb('username', 'ilike', searchPattern),
+          eb('session_id', 'ilike', searchPattern),
+          eb('flight_id', 'ilike', searchPattern),
+          eb('user_id', 'ilike', searchPattern),
+          eb(sql`old_data::text`, 'ilike', searchPattern),
+          eb(sql`new_data::text`, 'ilike', searchPattern),
+        ])
+      );
+    }
+
     if (filters.user) {
       query = query.where('username', 'ilike', `%${filters.user}%`);
     }
@@ -128,11 +139,14 @@ export async function getFlightLogs(
     if (filters.flightId) {
       query = query.where('flight_id', '=', filters.flightId);
     }
-    if (filters.dateFrom) {
-      query = query.where('timestamp', '>=', new Date(filters.dateFrom));
-    }
-    if (filters.dateTo) {
-      query = query.where('timestamp', '<=', new Date(filters.dateTo));
+    if (filters.date) {
+      const startOfDay = new Date(filters.date);
+      startOfDay.setHours(0, 0, 0, 0);
+      const endOfDay = new Date(filters.date);
+      endOfDay.setHours(23, 59, 59, 999);
+      
+      query = query.where('timestamp', '>=', startOfDay);
+      query = query.where('timestamp', '<=', endOfDay);
     }
     if (filters.text) {
       const searchPattern = `%${filters.text}%`;
@@ -144,11 +158,56 @@ export async function getFlightLogs(
       );
     }
 
-    const logs = await query.execute();
-    const total = await mainDb
+    let countQuery = mainDb
       .selectFrom('flight_logs')
-      .select((eb) => eb.fn.count('id').as('count'))
-      .executeTakeFirst();
+      .select((eb) => eb.fn.count('id').as('count'));
+
+    if (filters.general) {
+      const searchPattern = `%${filters.general}%`;
+      countQuery = countQuery.where((eb) =>
+        eb.or([
+          eb('username', 'ilike', searchPattern),
+          eb('session_id', 'ilike', searchPattern),
+          eb('flight_id', 'ilike', searchPattern),
+          eb('user_id', 'ilike', searchPattern),
+          eb(sql`old_data::text`, 'ilike', searchPattern),
+          eb(sql`new_data::text`, 'ilike', searchPattern),
+        ])
+      );
+    }
+    if (filters.user) {
+      countQuery = countQuery.where('username', 'ilike', `%${filters.user}%`);
+    }
+    if (filters.action) {
+      countQuery = countQuery.where('action', '=', filters.action);
+    }
+    if (filters.session) {
+      countQuery = countQuery.where('session_id', '=', filters.session);
+    }
+    if (filters.flightId) {
+      countQuery = countQuery.where('flight_id', '=', filters.flightId);
+    }
+    if (filters.date) {
+      const startOfDay = new Date(filters.date);
+      startOfDay.setHours(0, 0, 0, 0);
+      const endOfDay = new Date(filters.date);
+      endOfDay.setHours(23, 59, 59, 999);
+      
+      countQuery = countQuery.where('timestamp', '>=', startOfDay);
+      countQuery = countQuery.where('timestamp', '<=', endOfDay);
+    }
+    if (filters.text) {
+      const searchPattern = `%${filters.text}%`;
+      countQuery = countQuery.where((eb) =>
+        eb.or([
+          eb(sql`old_data::text`, 'ilike', searchPattern),
+          eb(sql`new_data::text`, 'ilike', searchPattern),
+        ])
+      );
+    }
+
+    const logs = await query.execute();
+    const total = await countQuery.executeTakeFirst();
 
     return {
       logs: logs.map(log => ({

server/db/users.ts

@@ -36,6 +36,9 @@ export async function getUserById(userId: string) {
   let cached = null;
   try {
     cached = await redisConnection.get(cacheKey);
+    if (cached) {
+      return JSON.parse(cached);
+    }
   } catch (error) {
     if (error instanceof Error) {
       console.warn('[Redis] Failed to read cache for user:', error.message);
@@ -134,6 +137,9 @@ export async function getUserByUsername(username: string) {
   let cached = null;
   try {
     cached = await redisConnection.get(cacheKey);
+    if (cached) {
+      return JSON.parse(cached);
+    }
   } catch (error) {
     if (error instanceof Error) {
       console.warn(`[Redis] Failed to read cache for username ${username}:`, error.message);
@@ -169,7 +175,7 @@ export async function getUserByUsername(username: string) {
   };
 
   try {
-    await redisConnection.set(cacheKey, JSON.stringify(result), "EX", 60 * 30); // cache for 30 minutes
+    await redisConnection.set(cacheKey, JSON.stringify(result), "EX", 60 * 30);
   } catch (error) {
     if (error instanceof Error) {
       console.warn(`[Redis] Failed to set cache for username ${username}:`, error.message);

server/routes/admin/flight-logs.ts

@@ -1,7 +1,9 @@
 import express, { Request, Response } from 'express';
-import { createAuditLogger, logIPAccess } from '../../middleware/auditLogger.js';
+import { createAuditLogger } from '../../middleware/auditLogger.js';
 import { requirePermission } from '../../middleware/rolePermissions.js';
 import { getFlightLogs, getFlightLogById } from '../../db/flightLogs.js';
+import { logAdminAction } from '../../db/audit.js';
+import { getClientIp } from '../../utils/getIpAddress.js';
 
 const router = express.Router();
 
@@ -12,26 +14,26 @@ router.get('/', createAuditLogger('ADMIN_FLIGHT_LOGS_ACCESSED'), async (req, res
     try {
         const pageParam = req.query.page;
         const limitParam = req.query.limit;
+        const generalParam = req.query.general;
         const userParam = req.query.user;
         const actionParam = req.query.action;
         const sessionParam = req.query.session;
         const flightIdParam = req.query.flightId;
-        const dateFromParam = req.query.dateFrom;
-        const dateToParam = req.query.dateTo;
+        const dateParam = req.query.date;
         const textParam = req.query.text;
 
         const page = typeof pageParam === 'string' ? parseInt(pageParam) : 1;
         const limit = typeof limitParam === 'string' ? parseInt(limitParam) : 50;
+        const general = typeof generalParam === 'string' ? generalParam : undefined;
         const user = typeof userParam === 'string' ? userParam : undefined;
         const validActions = ["add", "update", "delete"] as const;
         const action = typeof actionParam === 'string' && validActions.includes(actionParam as typeof validActions[number]) ? actionParam as typeof validActions[number] : undefined;
         const session = typeof sessionParam === 'string' ? sessionParam : undefined;
         const flightId = typeof flightIdParam === 'string' ? flightIdParam : undefined;
-        const dateFrom = typeof dateFromParam === 'string' ? dateFromParam : undefined;
-        const dateTo = typeof dateToParam === 'string' ? dateToParam : undefined;
+        const date = typeof dateParam === 'string' ? dateParam : undefined;
         const text = typeof textParam === 'string' ? textParam : undefined;
 
-        const data = await getFlightLogs(page, limit, { user, action, session, flightId, dateFrom, dateTo, text });
+        const data = await getFlightLogs(page, limit, { general, user, action, session, flightId, date, text });
         res.json(data);
     } catch (error) {
         console.error('Error fetching flight logs:', error);
@@ -55,14 +57,43 @@ router.get('/:id', createAuditLogger('ADMIN_FLIGHT_LOG_VIEWED'), async (req, res
 });
 
 // POST: /api/admin/flight-logs/reveal-ip/:id
-router.post('/reveal-ip/:id', createAuditLogger('FLIGHT_LOG_IP_REVEALED'), logIPAccess, async (req: Request, res: Response) => {
+router.post('/reveal-ip/:id', createAuditLogger('FLIGHT_LOG_IP_REVEALED'), async (req: Request, res: Response) => {
     try {
         const logId = req.params.id;
         const log = await getFlightLogById(logId);
         if (!log) {
             return res.status(404).json({ error: 'Flight log not found' });
         }
-        res.json({ ip_address: log.ip_address });
+
+        // Log the IP access manually since logIPAccess middleware isn't working properly
+        if (req.user?.userId) {
+            try {
+                const clientIp = getClientIp(req);
+                await logAdminAction({
+                    adminId: req.user.userId,
+                    adminUsername: req.user.username || 'Unknown Admin',
+                    actionType: 'FLIGHT_LOG_IP_REVEALED',
+                    targetUserId: log.user_id,
+                    targetUsername: log.username,
+                    details: {
+                        method: req.method,
+                        url: req.originalUrl,
+                        revealedIP: log.ip_address,
+                        flightLogId: log.id,
+                        timestamp: new Date().toISOString()
+                    },
+                    ipAddress: Array.isArray(clientIp) ? clientIp[0] : clientIp,
+                    userAgent: req.get('User-Agent') || null
+                });
+            } catch (auditError) {
+                console.error('Failed to log flight log IP access:', auditError);
+            }
+        }
+
+        res.json({
+            logId: log.id,
+            ip_address: log.ip_address
+        });
     } catch (error) {
         console.error('Error revealing flight log IP:', error);
         res.status(500).json({ error: 'Failed to reveal IP' });

server/routes/pilot.ts

@@ -1,6 +1,7 @@
 import express from 'express';
 import { getUserByUsername } from '../db/users.js';
 import { mainDb } from '../db/connection.js';
+import { isAdmin } from '../middleware/admin.js';
 
 const router = express.Router();
 
@@ -36,6 +37,7 @@ router.get('/:username', async (req, res) => {
 
         const shouldIncludeStats = privacySettings.displayPilotStatsOnProfile;
         const shouldIncludeLinkedAccounts = privacySettings.displayLinkedAccountsOnProfile;
+        const shouldIncludeBackground = privacySettings.displayBackgroundOnProfile;
 
         const profile = {
             user: {
@@ -49,11 +51,13 @@ router.get('/:username', async (req, res) => {
                 vatsim_rating_short: shouldIncludeLinkedAccounts ? userResult.vatsim_rating_short : null,
                 vatsim_rating_long: shouldIncludeLinkedAccounts ? userResult.vatsim_rating_long : null,
                 member_since: userResult.created_at,
+                is_admin: isAdmin(userResult.id),
                 roles: rolesResult,
                 role_name: rolesResult[0]?.name || null,
                 role_description: rolesResult[0]?.description || null,
                 bio: userResult.settings?.bio ?? '',
                 statistics: shouldIncludeStats ? (userResult.statistics || {}) : {},
+                background_image: shouldIncludeBackground ? userResult.settings?.backgroundImage : null,
             },
             privacySettings,
         };